<?php
    require_once('../include/config.php');  //加载配置文件
	require_once('../include/fun_checkadmin.php'); 
    if(!empty($_POST)){
		$username = $_POST['username']; //接受登录数据
		$password = md5($_POST['password']);
		

		//$sql = "SELECT * FROM `12_admin` WHERE `adminname`  = '{$username}' AND `password` = '{$password}'";
		  $sql = 'SELECT * FROM `12_admin` WHERE `adminname` = "'. $username .'" AND `password` = "'. $password .'"';
		//查询密码和用户名是否有对应的记录
		$query = mysql_query($sql);//送入mysql服务器查询   
		
		if( ! $query)  //查询失败
		{
			die('查询出错, 原因为：'.mysql_error());
		}
		
		$result = mysql_fetch_assoc($query);  //从资源里抽取一条记录作为关联数组
		
		if( ! $result)                   //如果未查询到数据
		{
			die('<script>
					alert("登录失败请检查登录信息！");
					window.location = "login.php";
				 </script>');
		}
		else                               //查到说明登录信息正确
		{
			$_SESSION['id'] = $result['id'];
			$_SESSION['username'] = $result['adminname'];   //生成session
			header('location:admin.php');                //跳到后台首页
		}
		return;
	}
	include_once('templates/login.php');
?>
